function uploadOriginalFile($field, &$post, $file)
{
$app = JFactory::getApplication();
$format = JRequest::getVar('format', 'html', '', 'cmd');
$err = null;
// Get the component configuration
$cparams = JComponentHelper::getParams('com_flexicontent');
$params = clone $cparams;
// Merge field parameters into the global parameters
$fparams = $field->parameters;
$params->merge($fparams);
jimport('joomla.utilities.date');
jimport('joomla.filesystem.file');
jimport('joomla.client.helper');
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
// Make the filename safe
$file['name'] = JFile::makeSafe($file['name']);
$all_media = $field->parameters->get('list_all_media_files', 0);
$unique_thumb_method = $field->parameters->get('unique_thumb_method', 0);
$image_source = $field->parameters->get('image_source', 0);
// This should be always ZERO inside this function
if ($image_source > 1) {
global $fc_folder_mode_err;
if (empty($fc_folder_mode_err[$field->id])) {
echo __FUNCTION__ . "(): folder-mode: " . $image_source . " not implemented please change image-source mode in image/gallery field with id: " . $field->id;
$fc_folder_mode_err[$field->id] = 1;
$image_source = 1;
}
}
// FLAG to indicate if images are shared across fields, has the effect of adding field id to image thumbnails
$multiple_image_usages = !$image_source && $all_media && $unique_thumb_method == 0;
$extra_prefix = $multiple_image_usages ? 'fld' . $field->id . '_' : '';
if (isset($file['name']) && $file['name'] != '') {
// only handle the secure folder
$path = COM_FLEXICONTENT_FILEPATH . DS;
//sanitize filename further and make unique
$filename = flexicontent_upload::sanitize($path, $file['name']);
$filepath = JPath::clean(COM_FLEXICONTENT_FILEPATH . DS . strtolower($filename));
//perform security check according
if (!flexicontent_upload::check($file, $err, $params)) {
if ($format == 'json') {
jimport('joomla.error.log');
$log = JLog::getInstance('com_flexicontent.error.php');
$log->addEntry(array('comment' => 'Invalid: ' . $filepath . ': ' . $err));
header('HTTP/1.0 415 Unsupported Media Type');
die('Error. Unsupported Media Type!');
} else {
JError::raiseNotice(100, $field->label . ' : ' . JText::_($err));
return false;
}
}
//get the extension to record it in the DB
$ext = strtolower(JFile::getExt($filename));
if (!JFile::upload($file['tmp_name'], $filepath)) {
if ($format == 'json') {
jimport('joomla.error.log');
$log = JLog::getInstance('com_flexicontent.error.php');
$log->addEntry(array('comment' => 'Cannot upload: ' . $filepath));
header('HTTP/1.0 409 Conflict');
jexit('Error. File already exists');
} else {
JError::raiseWarning(100, $field->label . ' : ' . JText::_('Error. Unable to upload file'));
return false;
}
} else {
$db = JFactory::getDBO();
$user = JFactory::getUser();
$config = JFactory::getConfig();
$timezone = $config->get('offset');
$date = JFactory::getDate('now');
$date->setTimeZone(new DateTimeZone($timezone));
$obj = new stdClass();
$obj->filename = $filename;
$obj->altname = $file['name'];
$obj->url = 0;
$obj->secure = 1;
$obj->ext = $ext;
$obj->hits = 0;
$obj->uploaded = FLEXI_J16GE ? $date->toSql() : $date->toMySQL();
$obj->uploaded_by = $user->get('id');
if ($format == 'json') {
jimport('joomla.error.log');
$log = JLog::getInstance();
$log->addEntry(array('comment' => $filepath));
$db->insertObject('#__flexicontent_files', $obj);
jexit('Upload complete');
} else {
$db->insertObject('#__flexicontent_files', $obj);
$app->enqueueMessage($field->label . ' : ' . JText::_('Upload complete'));
$sizes = array('l', 'm', 's', 'b');
foreach ($sizes as $size) {
// create the thumbnail
$this->create_thumb($field, $filename, $size, $origpath = '', $destpath = '', $copy_original = 0, $extra_prefix);
// set the filename for posting
$post['originalname'] = $filename;
}
return true;
}
}
} else {
$err = 'File upload failed';
JError::raiseNotice(100, $field->label . ' : ' . JText::_($err));
return false;
}
}
/**
* Upload a file from a server directory
*
* @since 1.0
*/
function addlocal()
{
// Check for request forgeries
JRequest::checkToken('request') or jexit('Invalid Token');
$app = JFactory::getApplication();
$db = JFactory::getDBO();
$user = JFactory::getUser();
$return = JRequest::getVar('return-url', null, 'post', 'base64');
$filesdir = JRequest::getVar('file-dir-path', '', 'post');
$regexp = JRequest::getVar('file-filter-re', '.', 'post');
$secure = JRequest::getInt('secure', 1, 'post');
$secure = $secure ? 1 : 0;
$keep = JRequest::getInt('keep', 1, 'post');
$params = JComponentHelper::getParams('com_flexicontent');
$destpath = $secure ? COM_FLEXICONTENT_FILEPATH . DS : COM_FLEXICONTENT_MEDIAPATH . DS;
$filedesc = JRequest::getVar('file-desc', '');
$filelang = JRequest::getVar('file-lang', '');
// allowed extensions
$filterext = JRequest::getVar('file-filter-ext', '', 'post');
$filterext = $filterext ? explode(',', $filterext) : array();
foreach ($filterext as $_i => $_ext) {
$filterext[$_i] = strtolower($_ext);
}
$confext = preg_split("/[\\s]*,[\\s]*/", strtolower($params->get('upload_extensions', 'bmp,csv,doc,gif,ico,jpg,jpeg,odg,odp,ods,odt,pdf,png,ppt,swf,txt,xcf,xls,zip,ics')));
// (optionally) Limit COMPONENT configured extensions, to those extensions requested by the FORM/URL variable
$allowed = $filterext ? array_intersect($filterext, $confext) : $confext;
jimport('joomla.utilities.date');
jimport('joomla.filesystem.file');
jimport('joomla.filesystem.folder');
$filesdir = JPath::clean(JPATH_SITE . $filesdir . DS);
$filenames = JFolder::files($filesdir, $regexp);
// create the folder if it doesnt exists
if (!JFolder::exists($destpath)) {
if (!JFolder::create($destpath)) {
JError::raiseWarning(100, JText::_('Error. Unable to create folders'));
return;
}
}
// check if the form fields are not empty
if (!$filesdir) {
JError::raiseNotice(1, JText::_('FLEXI_WARN_NO_FILE_DIR'));
if (!$return) {
return;
}
// REDIRECT only if this was requested
$app->redirect(base64_decode($return) . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1");
}
$c = 0;
$file_ids = array();
if ($filenames) {
for ($n = 0; $n < count($filenames); $n++) {
$ext = strtolower(JFile::getExt($filesdir . $filenames[$n]));
if (!in_array($ext, $allowed)) {
continue;
}
$source = $filesdir . $filenames[$n];
$filename = flexicontent_upload::sanitize($destpath, $filenames[$n]);
$destination = $destpath . $filename;
// Copy or move the file
$success = $keep ? JFile::copy($source, $destination) : JFile::move($source, $destination);
if ($success) {
$filesize = filesize($destination);
$obj = new stdClass();
$obj->filename = $filename;
$obj->altname = $filename;
$obj->url = 0;
$obj->secure = $secure;
$obj->ext = $ext;
$obj->description = $filedesc;
$obj->language = $filelang ? $filelang : '*';
$obj->hits = 0;
$obj->size = $filesize;
$obj->uploaded = JFactory::getDate('now')->toSql();
$obj->uploaded_by = $user->get('id');
// Add the record to the DB
$db->insertObject('#__flexicontent_files', $obj);
$file_ids[$filename] = $db->insertid();
$c++;
}
}
$app->enqueueMessage(JText::sprintf('FLEXI_FILES_COPIED_SUCCESS', $c));
} else {
JError::raiseNotice(1, JText::_('FLEXI_WARN_NO_FILES_IN_DIR'));
if (!$return) {
return;
}
// REDIRECT only if this was requested
$app->redirect(base64_decode($return) . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1");
}
if (!$return) {
return $file_ids;
}
// REDIRECT only if this was requested
$app->redirect(base64_decode($return) . "&" . (FLEXI_J30GE ? JSession::getFormToken() : JUtility::getToken()) . "=1");
}
